Show filters
252 Total Results
Displaying 81-90 of 252
Sort by:
Attacker Value
Unknown

CVE-2014-7538

Disclosure Date: October 20, 2014 (last updated October 05, 2023)
The Headlines news India (aka com.dreamstep.wHEADLINESNEWSINDIA) application 0.21.13219.95110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
Attacker Value
Unknown

CVE-2014-7550

Disclosure Date: October 20, 2014 (last updated October 05, 2023)
The basketball news & videos (aka com.basketbal.news.caesar) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
Attacker Value
Unknown

CVE-2014-7342

Disclosure Date: October 19, 2014 (last updated October 05, 2023)
The Echo News (aka com.solo.report) 1.10 application (beta) for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
Attacker Value
Unknown

CVE-2014-6290

Disclosure Date: October 03, 2014 (last updated October 05, 2023)
The News (tt_news) extension before 3.5.2 for TYPO3 allows remote attackers to have unspecified impact via vectors related to an "insecure unserialize" issue.
0
Attacker Value
Unknown

CVE-2014-6788

Disclosure Date: September 29, 2014 (last updated October 05, 2023)
The Oman News (aka com.oman.news.rmtzlnbuooordciw) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
Attacker Value
Unknown

CVE-2014-6741

Disclosure Date: September 27, 2014 (last updated October 05, 2023)
The John MacArthur (aka com.john.macarthur) application 1.0.26 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
Attacker Value
Unknown

CVE-2014-6744

Disclosure Date: September 27, 2014 (last updated October 05, 2023)
The Al-Ahsa News (aka com.alahsa.news) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
Attacker Value
Unknown

CVE-2014-6709

Disclosure Date: September 25, 2014 (last updated October 05, 2023)
The TechRadar News (aka com.techradar.news) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
Attacker Value
Unknown

CVE-2014-6237

Disclosure Date: September 11, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the News Pack extension 0.1.0 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown

CVE-2014-4939

Disclosure Date: July 11, 2014 (last updated October 05, 2023)
SQL injection vulnerability in the ENL Newsletter (enl-newsletter) plugin 1.0.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the enl-add-new page to wp-admin/admin.php.
0